# TODO: Look through plugins and consider using subtechniques
OS_CREDENTIAL_DUMPING_T1003_TAG = "attack-t1003"  # credential access
DATA_FROM_LOCAL_SYSTEM_T1005_TAG = "attack-t1005"  # collection
REMOTE_SERVICES_T1021_TAG = "attack-t1021"  # lateral movement
COMMAND_AND_SCRIPTING_INTERPRETER_T1059_TAG = "attack-t1059"  # execution
ACCOUNT_MANIPULATION_T1098_TAG = "attack-t1098"  # persistence
INGRESS_TOOL_TRANSFER_T1105_TAG = "attack-t1105"  # command and control
BRUTE_FORCE_T1110_TAG = "attack-t1110"  # credential access
NETWORK_SHARE_DISCOVERY_T1135_TAG = "attack-t1135"  # discovery
UNSECURED_CREDENTIALS_T1552_TAG = "attack-t1552"  # credential access
EXPLOITATION_FOR_CLIENT_EXECUTION_T1203_TAG = "attack-t1203"  # execution
EXPLOITATION_OF_REMOTE_SERVICES_T1210_TAG = "attack-t1210"  # lateral movement
FILE_AND_DIRECTORY_PERMISSIONS_MODIFICATION_T1222_TAG = "attack-t1222"  # defense evasion
DATA_ENCRYPTED_FOR_IMPACT_T1486_TAG = "attack-t1486"  # impact
SYSTEM_SERVICES_T1569_TAG = "attack-t1569"  # execution
SYSTEM_INFORMATION_DISCOVERY_T1082_TAG = "attack-t1082"  # discovery
RESOURCE_HIJACKING_T1496_TAG = "attack-t1496"  # impact
ALTERNATE_AUTHENTICATION_MATERIAL_T1550_TAG = "attack-t1550"  # lateral movement
CREDENTIALS_FROM_PASSWORD_STORES_T1555_TAG = "attack-t1555"  # credential access
GATHER_VICTIM_HOST_INFORMATION_T1592_TAG = "attack-t1592"
ACTIVE_SCANNING_T1595_TAG = "attack-t1595"
DEFACEMENT_T1491_TAG = "attack-t1491"
INTERNAL_DEFACEMENT_T1491_001_TAG = "attack-t1491.001"
EXTERNAL_DEFACEMENT_T1491_002_TAG = "attack-t1491.002"
